When scanning for targets, iSCSI might give different results
depending on the interface used. This is basically just name of
config file under /etc/iscsi/ifaces to use. The file contains
initiator IQN thus different results claim.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
qemuagenttest also depends on JSON object key ordering:
Invalid value of argument 'vcpus' of command 'guest-set-vcpus':
expected '[{"logical-id":1,"online":false}]' got '[{"online":false,"logical-id":1}]'
Skip it as well.
Signed-off-by: Ján Tomko <jtomko@redhat.com>
We have several cases when a VM has multiple disks in the test files so
having another one without any interesting configuration is not
necessary.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Move the authentication and ipv6 cases into the main test file. To allow
removal of the separate testing of the secure credential passing via the
'secret' object in qemu, use the DO_TEST_CAPS_VER macro with version
2.5.0 when the secret object is not supported by qemu.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
The xml2argv variant was unused. The xml2xml variant is redundant in
other tests for RBD.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Move various different iSCSI configuration into one test file.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Move the 'unsafe' cache test into 'disk-cache' and remove all the
individual cases for one cache mode each.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
We'll aggregate testing of all cache modes in this test later on.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Unify most of the tests into a common test named disk-cdrom-network by
adding multiple cdroms. The 'http' test is dropped since there can be
only 4 cdroms.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Few disk tests were testing support for pure -drive command line
generation for disks now that we assume it for all qemu versions the
cases are obsolete.
Replacements:
disk-readonly-no-device -> disk-readonly-disk
disk-floppy-tray-no-device -> disk-floppy-tray
disk-cdrom-tray-no-device -> disk-cdrom-tray
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
We also have disk-copy_on_read.xml which also tests the command line.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
When gnutls negotiates TLS 1.3 instead of 1.2, the order of messages
sent by the handshake changes. This exposed a logic bug in the test
suite which caused us to wait for the server to see handshake
completion, but not wait for the client to see completion. The result
was the client didn't receive the certificate for verification and the
test failed.
This is exposed in Fedora 29 rawhide which has just enabled TLS 1.3 in
its GNUTLS builds.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Historically, we've always enabled an emulated video device every time we
see that graphics should be supported with a guest. With the appearance
of mediated devices which can support QEMU's vfio-display capability,
users might want to use such a device as the only video device.
Therefore introduce a new, effectively a 'disable', type for video
device.
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Erik Skultety <eskultet@redhat.com>
Since QEMU 2.12, QEMU understands a new vfio-pci device option 'display'
which can be used to turn on display capabilities on vgpu-enabled
mediated devices, IOW emulated GPU devices like QXL will no longer be
needed with vgpu-enable mdevs.
QEMU defaults to 'auto' for the 'display' attribute, which is not
foolproof, so we need to play it safe here and default to display='off'
if this attribute wasn't provided in the XML explicitly.
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Erik Skultety <eskultet@redhat.com>
QEMU 2.12 introduced a new type of display for mediated devices using
vfio-pci backend which allows a mediated device to be used as a VGA
compatible device as an alternative to an emulated video device. QEMU
exposes this feature via a vfio device property 'display' with supported
values 'on/off/auto' (libvirt will default to 'off').
This patch adds the necessary bits to domain config handling in order to
expose this feature. Since there's no convenient way for libvirt to come
up with usable defaults for the display setting, simply because libvirt
is not able to figure out which of the display implementations - dma-buf
which requires OpenGL support vs vfio regions which doesn't need OpenGL
(works with OpenGL enabled too) - the underlying mdev uses.
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Erik Skultety <eskultet@redhat.com>
QEMU 2.12 introduced a new vfio-pci device option 'display=on/off/auto'.
This patch introduces the necessary capability.
Signed-off-by: Erik Skultety <eskultet@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Since 2.10 QEMU supports a new display type egl-headless which uses the
drm nodes for OpenGL rendering copying back the rendered bits back to
QEMU into a dma-buf which can be accessed by standard "display" apps
like VNC or SPICE. Although this display type can be used on its own,
for any practical use case it makes sense to pair it with either VNC or
SPICE display. The clear benefit of this display is that VNC gains
OpenGL support, which it natively doesn't have, and SPICE gains remote
OpenGL support (native OpenGL support only works locally through a UNIX
socket, i.e. listen type=socket/none).
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Erik Skultety <eskultet@redhat.com>
Since QEMU 2.10, it's possible to use a new type of display -
egl-headless which uses drm nodes to provide OpenGL support. This patch
adds a capability for that. However, since QEMU doesn't provide a QMP
command to probe it, we have to base the capability on specific QEMU
version.
Acked-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Erik Skultety <eskultet@redhat.com>
Add a second check for Jansson >= 2.8, which includes
fixes to preserve ordering of object keys.
Use this constant to guard tests that depend on stable ordering.
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Yajl has not seen much activity upstream recently.
Switch to using Jansson >= 2.5.
All the platforms we target on https://libvirt.org/platforms.html
have a version >= 2.7 listed on the sites below:
https://repology.org/metapackage/jansson/versionshttps://build.opensuse.org/package/show/devel:libraries:c_c++/libjansson
Additionally, Ubuntu 14.04 on Travis-CI has 2.5. Set the requirement
to 2.5 since we don't use anything from newer versions.
Implement virJSONValue{From,To}String using Jansson, delete the yajl
code (and the related virJSONParser structure) and report an error
if someone explicitly specifies --with-yajl.
Also adjust the test data to account for Jansson's different whitespace
usage for empty arrays and tune up the specfile to keep 'make rpm'
working when bisecting.
Signed-off-by: Ján Tomko <jtomko@redhat.com>
The tls, x509 and x509verify options were deprecated in QEMU v2.5.0:
commit 3e305e4a4752f70c0b5c3cf5b43ec957881714f7
Author: Daniel P. Berrange <berrange@redhat.com>
ui: convert VNC server to use QCryptoTLSSession
Use the tls-creds-x509 object when available.
https://bugzilla.redhat.com/show_bug.cgi?id=1598167
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Add a test with QEMU 2.4.0 capabilites, as well as the latest caps.
The code paths for formatting TLS options will be altered and
2.4.0 is the newest version where QEMU_CAPS_OBJECT_TLS_CREDS_X509
is not supported.
Signed-off-by: Ján Tomko <jtomko@redhat.com>
The original capabilities didn't include a patched kernel for spectre,
SPICE gl support and had xen support enabled which we already have
dropped.
Signed-off-by: Erik Skultety <eskultet@redhat.com>
The 'simpleFunc' data structure is overwritten by the code generated
from the macros which initiate the tests. This means that most of the
tests would get NULL 'schema' member which means that the schema
validation would not take place.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
The debug output of the schema validator on success is not so
interesting that it should be printed when basic debugging is enabled.
Print it only when test debugging is set to 3 and more.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
virQEMUQAPISchemaPathGet returns success when a given schema path was
not found but the returned object is set to NULL. This meant that we'd
call testQEMUSchemaValidate with the schemaroot being NULL which lead to
a crash if a mistyped monitor command was tested.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Use the new proper location for the read/write error policy selection.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Support for specifying it with the -device frontend was added recently.
Add a capability for it.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Add output arguments generated with the latest qemu capabilities.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Add multiple drives with the various configurations rather than having
multiple tests.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
To allow using -blockdev with RBD we need to support the recently added
RBD authentication.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Based on qemu commit ab3257c281c1a1a91da1090ac9e38ddd8f860c63
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Add helpers that allow using the latest schema from the replies from an
actual qemu which are recorded for the purpose of the qemucapabilities
test instead of an unsynced copy stored in qemuqapischema.json.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
We are testing character devices so the disk is not necessary. Minimize
the configuration. This will prevent changes when switching to blockdev.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
QEMU uses a shorthand '-sdl' which maps to '-display sdl'. However, if
there are any options to be passed to SDL, the full command version must
be used. Everything seemingly worked for us until commit 5038b30043
introduced OpenGL support for SDL and added ',gl=on/off' option which as
mentioned above could have never worked with the shorthand version of
the command. Indeed starting a domain with an SDL display and OpenGL
enabled, QEMU produces a rather cryptic error:
-sdl: Could not open 'gl=on': No such file or directory
This patch provides fixes to both the SDL cmdline generation and the
test suite.
Signed-off-by: Erik Skultety <eskultet@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
When support was adding for passing a pre-opened listener socket to UNIX
chardevs, it accidentally passed the listener socket for client mode
chardevs too with predictable amounts of fail resulting. This affects
libvirt when using QEMU >= 2.12
Expand the unit test coverage to validate that we are only doing FD
passing when operating in server mode.
https://bugzilla.redhat.com/show_bug.cgi?id=1598440
Tested-by: Richard W.M. Jones <rjones@redhat.com>
Reported-by: Richard W.M. Jones <rjones@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
QEMU chardevs have a bug which makes the vhostuser backend complain
about lack of support for FD passing when validating the chardev.
While this is ultimately QEMU's responsibility to fix, libvirt needs to
avoid tickling the bug.
Simply disabling chardev FD passing just for vhostuser's chardev is
the most prudent approach, avoiding need for a QEMU version number
check.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Currently we format the serial, geometry and error policy on the -drive
backend argument.
QEMU added the ability to set serial and geometry on the frontend in
the 1.2 release deprecating use of -drive, with support being deleted
from -drive in 3.0.
We keep formatting error policy on -drive for now, because we don't
ahve support for that with -device for usb-storage just yet.
Note that some disk buses (sd) still don't support -device. Although
QEMU allowed these properties to be set on -drive for if=sd, they
have been ignored so we now report an error in this case.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
testQemuMonitorJSONqemuMonitorJSONGetBlockStatsInfo added 4 replies but
only one was used. Additionally the comment stated that 7 replies are
going to be added.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Starting with QEMU 2.9, encryption convert processing requires
a multi-step process in order to generate an encrypted image from
some non encrypted raw image.
Processing requires to first create an encrypted image using the
sizing parameters from the input source and second to use the
--image-opts, -n, and --target-image-opts options along with inline
driver options to describe the input and output files, generating
two commands such as:
$ qemu-img create -f luks \
--object secret,id=demo.img_encrypt0,file=/path/to/secretFile \
-o key-secret=demo.img_encrypt0 \
demo.img 500K
Formatting 'demo.img', fmt=luks size=512000 key-secret=demo.img_encrypt0
$ qemu-img convert --image-opts -n --target-image-opts \
--object secret,id=demo.img_encrypt0,file=/path/to/secretFile \
driver=raw,file.filename=sparse.img \
driver=luks,file.filename=demo.img,key-secret=demo.img_encrypt0
$
This patch handles the convert processing by running the processing
in a do..while loop essentially reusing the existing create logic and
arguments to create the target vol from the inputvol and then converting
the inputvol using new arguments.
This then allows the following virsh command to work properly:
virsh vol-create-from default encrypt1-luks.xml data.img --inputpool default
where encrypt1-luks.xml would provided the path and secret for
the new image, while data.img would be the source image.
Signed-off-by: John Ferlan <jferlan@redhat.com>
ACKed-by: Michal Privoznik <mprivozn@redhat.com>
https://bugzilla.redhat.com/show_bug.cgi?id=1526382
Since commit c4eedd793 disallowed qcow2 encrypted images to be
used for domains, it no longer makes sense to allow a qcow2
encrypted volume to be created or resized.
Add a test that will exhibit the failure of creation as well
as the xml2xml validation of the format still being correct.
Update the documentation to note the removal of the capability
to create and use qcow/default encrypted volumes.
Signed-off-by: John Ferlan <jferlan@redhat.com>
ACKed-by: Michal Privoznik <mprivozn@redhat.com>
We're about to disallow creation of a qcow2 encrypted storage
volume, so let's remove the qcow encryption element from the
tests which are testing whether other format='qcow2' related
features work properly.
Signed-off-by: John Ferlan <jferlan@redhat.com>
ACKed-by: Michal Privoznik <mprivozn@redhat.com>
Add the storagevolxml2xmltest "luks" and "luks-cipher" tests
to the storagevolxml2argvtest.
Signed-off-by: John Ferlan <jferlan@redhat.com>
ACKed-by: Michal Privoznik <mprivozn@redhat.com>
Allowing a NULL @secretPath for virStorageBackendCreateQemuImgCmdFromVol
would result in a generated command line with a dangling "file=" output.
So let's make sure the @secretPath exists before processing.
This means we should pass a dummy path from the storage test.
Signed-off-by: John Ferlan <jferlan@redhat.com>
ACKed-by: Michal Privoznik <mprivozn@redhat.com>
Add comma escaping for netsource. This is done here because
qemuBuildNetworkDriveStr has other external callers which
may not expect an escaped comma; however, this particular
command building path needs to perform the escaping for the
hostdev command line, so we do it now to ensure src->path
and src->host->name are covered.
Signed-off-by: Anya Harter <aharter@redhat.com>
A typical XML representation of the virNWFilterBindingDefPtr struct
looks like this:
<filterbinding>
<owner>
<name>f25arm7</name>
<uuid>12ac8b8c-4f23-4248-ae42-fdcd50c400fd</uuid>
</owner>
<portdev name='vnet1'/>
<mac address='52:54:00:9d:81:b1'/>
<filterref filter='clean-traffic'>
<parameter name='MAC' value='52:54:00:9d:81:b1'/>
</filterref>
</filterbinding>
Reviewed-by: John Ferlan <jferlan@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
This doesn't seem very useful at the moment, but it will make
sense once we introduce another HPT-related setting.
The output XML is decoupled from the input XML in preparation
of future changes as well; while doing so, we can shave a few
lines off the latter.
This commit is best viewed with 'git show -w'.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
This is a regression in behavior caused by commit 37359814. It was
intended to limit the schema to allow only a single subelement of
<rule>, but it is also acceptable for <rule> to have no subelement at
all.
To prevent the same error from reoccurring in the future, the
examples/xml/nwfilter directory was added to the list of nwfilter
schema test directories.
Resolves: https://bugzilla.redhat.com/1593549
Signed-off-by: Laine Stump <laine@laine.org>
ACKed-by: Michal Privoznik <mprivozn@redhat.com>
VMs with hardcoded platform network devices are forced to use old
style '-net nic' command line config. Current we use qemu's vlan
option to hook this with the '-netdev' host side of things.
However since qemu 1.2 there is '-net nic,netdev=X' option for
explicitly referencing a netdev ID, which is more inline with
typical VM commandlines, so let's switch to that
Signed-off-by: Cole Robinson <crobinso@redhat.com>
Since e6be524508 we include the executed command along
with the reply in *.replies files, which breaks the
renumbering logic implemented in qemucapsfixreplies.
Adapt the script so that it works with the new format.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Add comma escaping for cfg->spiceTLSx509certdir and
graphics->data.spice.rendernode.
Signed-off-by: Anya Harter <aharter@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
Add comma escaping for smartcard->data.cert.file[i] and
smartcard->data.cert.database.
Signed-off-by: Anya Harter <aharter@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
Add comma escaping for dev->data.file.path in cases
VIR_DOMAIN_CHR_TYPE_DEV and VIR_DOMAIN_CHR_TYPE_PIPE.
Signed-off-by: Anya Harter <aharter@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
Add test case explicitly defining a smartcard host certificates
database via the following xml:
<smartcard mode='host-certificates'>
<database>/tmp/foo</database>
</smartcard>
This case is not currently covered in the test suite.
Signed-off-by: Anya Harter <aharter@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
We only formatted the <sev> element when QEMU supported the feature when
in fact we should always format the element to make clear that libvirt
knows about the feature and the fact whether it is or isn't supported
depends on QEMU version, in other words if QEMU doesn't support the
feature we're going to format the following into the domain capabilities
XML:
<sev supported='no'/>
This patch also adjusts the RNG schema accordingly in order to reflect
the proposed change.
Signed-off-by: Erik Skultety <eskultet@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
When testing a domain XML with TPM we overwrite UNIX socket path
to mimic what qemuTPMEmulatorPrepareHost() is doing (because
*PrepareHost() functions are not called from the test). But we
are not doing it fully - we need to set the chardev's type too so
that virDomainTPMDefFree() can free the path.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Adjust the documentation, parser and tests to change:
launch-security -> launchSecurity
reduced-phys-bits -> reducedPhysBits
dh-cert -> dhCert
Also fix the headline in formatdomain.html to be more generic,
and some leftover closing elements in the documentation.
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Brijesh Singh <brijesh.singh@amd.com>
Tested-by: Brijesh Singh <brijesh.singh@amd.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Use qemuMonitorTestNewFromFileFull which allows to test commands used
along with providing replies. This has two advantages:
1) It's easier to see which command was used when looking at the files
2) We check that the used commands are actually in the correct order
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
Change the output of qemucapsprobe to record the commands used for
querying. This allows to easily identify which reply belongs to which
command and also will allow to test whether we use stable queries.
This change includes changing dropping of the QMP greeting from the file
and reformatting of the query and output to stdout.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
The prettyfied output may sometimes contain empty lines which would
desynchonize the test monitor workers. The skipping code can be much
simplified though. Also a extract it so so that it's obvious what
it's doing and can be reused.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
The test file can be broken up by newlines and is automatically
concatenated back. Fix the control flow so that the concatenation code
'continues' the loop rather than branching out.
Also add an anotation to the concatenation code.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
On EOF, the loop can be terminated right away since most of it is
skipped anyways and the handling of the last command is repeated after
the loop.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
The test data for capabilities is obtained from two consecutive qemu
runs when the regular monitor object will be reset. Do the same for the
test monitor object which is not disposed between runs by calling
qemuMonitorResetCommandID.
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
QEMU >= 2.12 provides 'sev-guest' object which is used to launch encrypted
VMs on AMD platform using SEV feature. The various inputs required to
launch SEV guest is provided through the <launch-security> tag. A typical
SEV guest launch command line looks like this:
-object sev-guest,id=sev0,cbitpos=47,reduced-phys-bits=5 ...\
-machine memory-encryption=sev0 \
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
The launch-security element can be used to define the security
model to use when launching a domain. Currently we support 'sev'.
When 'sev' is used, the VM will be launched with AMD SEV feature enabled.
SEV feature supports running encrypted VM under the control of KVM.
Encrypted VMs have their pages (code and data) secured such that only the
guest itself has access to the unencrypted version. Each encrypted VM is
associated with a unique encryption key; if its data is accessed to a
different entity using a different key the encrypted guests data will be
incorrectly decrypted, leading to unintelligible data.
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
QEMU version >= 2.12 provides support for launching an encrypted VMs on
AMD x86 platform using Secure Encrypted Virtualization (SEV) feature.
This patch adds support to query the SEV capability from the qemu.
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
Commit id d8e8b63d introduced the test, but neglected to check for
error from virTestLoadFile in testCompareXMLToDomConfig.
Found by Coverity
Signed-off-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: Katerina Koukiou <kkoukiou@redhat.com>